Senior Compliance Operations Analyst, Data and Regulatory

Summary

Join ZipRecruiter's Compliance Team as a Sr. Compliance Operations Analyst and contribute to the development of our technical and regulatory compliance function. You will coordinate and execute internal and external compliance activities, optimize processes, and manage projects. This role requires knowledge of compliance frameworks (SOX, SOC 1/2), a data-driven mindset, and excellent communication skills. You will collaborate with various teams, including Legal, Internal Audit, and IT, to ensure compliance. The position offers a hybrid work environment and a competitive benefits package.

Requirements

• 5+ years of hands-on experience in a technical compliance role
• Deep understanding of IT control frameworks (COBIT, NIST, ISO 27002, etc.)
• Working knowledge of Sarbanes-Oxley, SSAE18/SOC Reporting
• Solid understanding of security, privacy, and regulatory frameworks (ISO 27001, NIST 800-171, CMMC, PCI-DSS)
• Practical experience with control design and implementation, as well as issues remediation and risk assessments, including developing and effectively communicating requirements to stakeholder groups
• Experience collaborating with internal and external auditors on topics including, but not limited to, control design, issue remediation & risk assessment, and SOC 1/2 reporting
• Proven ability to multitask, independently manage multiple projects, prioritize competing deadlines, and deliver results under tight timelines , with a track record of exceeding expectations
• Proven ability to problem solve ambiguous business issues with limited information. The right candidate will be comfortable reaching out to and working with cross functional teams to articulate the problem statement and brainstorm solutions to address identified issues
• Demonstrated attention to detail, especially with regard to communications and requirements
• Experience in practicing professional skepticism in reviewing documentation and articulating rationale for conclusions reached. Additionally, ensuring documentation reviewed is complete and accurate
• Previous experience establishing processes and influencing others to engage in the process
• Proficiency in MS Office, G-Suite tools (Google Docs, Sheets, Slides, Calendar), and AuditBoard
• Exceptional at working as part of a team and independently in a fast-paced, constantly evolving environment

Responsibilities

• Lead, coordinate and drive compliance projects and tasks to completion in partnership with Internal Audit and other departments
• Manage responses to internal and external audit requests, including document and evidence retrieval and preparing presentation materials
• Develop corrective action plans and perform risk assessments for deficient controls, as needed
• Collaborate with Control Owners to proactively identify gaps, mitigate risks, provide suggestions for remediation, and ensure high-quality remediation evidence is delivered
• Coordinate timely annual retrieval of SOC 1 Type 2 reports and Bridge Letters, prepare SOC 1 Type 2 Report review templates, and coordinate annual review with business process stakeholders
• Manage the quarterly user access review process, partnering with IT and other system owners to review system roles, investigate exceptions, and review and submit documentation to meet compliance obligations
• Provide training and guidance to stakeholders and Control Owners to ensure they understand their role and responsibilities. Proactively identify opportunities for policy and process improvements, working with cross-functional teams to create and maintain high-quality documentation, and conduct regular reviews and updates
• Build strong working relationships with the Legal, Internal Audit, IT, Accounting, People/HR, Engineering, Product and Security teams to support compliance efforts
• Partner with cross-functional stakeholders to proactively monitor business, system, and process changes to assess new risks, recommend new controls or updates to existing controls, and support implementation efforts
• Partner with stakeholders to design and implement new or additional internal controls, as needed
• Recommend automation, improvements, or optimizations to the technical compliance process, partnering with technical team leads to built, tested, and launch such features, in accordance with internal and external standards and controls
• Serve as a trusted compliance advisor, making compliance processes accessible and manageable for internal teams
• Proactively track compliance deadlines, scheduling alignment meetings in advance to ensure preparedness
• Embrace the ZipRecruiter culture, an open and data-centric approach to collaboratively making decisions
• Adapt to evolving business needs by taking initiative in new compliance areas as they arise

Preferred Qualifications

• Technology industry experience
• Experience collaborating with stakeholders in multiple disciplines, including but not limited to, Product, Engineering, Accounting/Finance, Internal Audit, People, etc
• Professional audit, risk, or compliance certifications (CPA, CRMA, CIA, CISA)
• Working knowledge of Service Organization Control 2 (SOC 2) process and controls
• Experience working with AWS, GitHub, SalesForce, SaaS ERP, GL and reporting tools and systems
• Advanced proficiency in AuditBoard and Jira
• Have worked in a Sr. Compliance Operations Analyst or similar role at another technology company and/or as an external auditor in an accounting firm

Benefits

• Competitive salary
• Exceptional benefits package
• Flexible Vacation & Paid Time Off
• Employer-matched 401(k) plan
• Hybrid work environment